COOLEY GOD WARD LLP 

Attorney Docket No.: CNTW-022/01US 
Client No.: 036958-2055 

WHAT IS CLAIMED IS: 

1 . An apparatus for provisioning a service using a network comprising: 

an information model configured to represent at least one function of a network 
resource to provision said service, said information model configured further to represent 
a relationship between said service and said at least one function, and to represent a 
subset of policies to govern operations of said network for provisioning said service; and 

a processor configured to use a subset of business rules to constrain the 
implementation of said at least one function of said network resource. 

2. The apparatus of claim 1 further comprising a common translation layer to 
translate a first level of abstraction for said network resource to a second level of 
abstraction. 

3. The apparatus of claim 1 further comprising a common translation layer to 
translate a first level of abstraction for said network resource to any number of levels of 
abstraction, wherein said first level includes one or more levels of abstraction. 

4. The apparatus of claim 1 wherein said subset includes at least one business rule 
for constraining configuration of said network resource. 

5. The apparatus of claim 1 wherein said subset includes at least one business rule 
for constraining deployment of said network resource. 
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6. The apparatus of claim 1 wherein said information model comprises: 

a managed entity data structure for representing said network resource; 

an upper layer to provide a first level of abstraction for a first portion of said 
managed entity data structure; and 

a lower layer to provide a second level of abstraction for a second portion of said 
managed entity data structure. 

7. The apparatus of claim 6 wherein said first level of abstraction is associated with 
said subset of business rules and said second level of abstraction is associated with 
configuration data. 

8. The apparatus of claim 1 wherein said information model comprises: 

a managed entity data structure for representing said network resource; 

a first subset of levels of abstraction associated with a first portion of said 
managed entity data structure; and 

a second subset of levels of abstraction associated with a second portion of said 
managed entity data structure. 

9. The apparatus of claim 8 wherein said first subset of levels of abstraction is 
associated with said subset of business rules and said second subset of levels of 
abstraction is associated with configuration data. 

10. The apparatus of claim 7 wherein said configuration data includes at least a 
command to perform said at least one function of said network resource. 
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11. The apparatus of claim 6 wherein said information model further comprises 
another managed entity data structure for representing another network resource. 

12. The apparatus of claim 11 wherein said managed entity data structure and said 
another managed entity data structure include a first role and a second role, respectively. 

13. The apparatus of claim 11 wherein said another network resource is a user 
authorized to implement said network resource. 

14. The apparatus of claim 1 wherein said information model is a directory enabled 
network-next generation ("DEN-ng") information model. 
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15. A computer-implemented method for provisioning a service using a network, the 
method comprising: 

receiving an input by a user to provision a service; and 

selecting a subset of network resources to provide said service based on a subset 
of business rules and one or more network policies, 

wherein at least two of said subset of network resources are different functions. 

16. The method of claim 15 wherein said different functions are provided by the same 
device. 

17. The method of claim 15 wherein said different functions are provided by different 
devices. 

18. The method of claim 15 wherein selecting said subset of network resources 
comprises: 

forming a first representation of a network resource independent of an 
implementation as defined by any vendor; 

forming a second representation of said network resource dependent on said 
implementation as defined by a vendor; and 

translating said input associated with said first representation into said second 
representation to implement said network resource for provisioning said service. 
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19. The method of claim 18 wherein said first representation is a first portion of a 
managed entity in an upper layer of an information model and said second representation 
is a second portion of said managed entity in a lower layer. 

20. The method of claim 19 wherein said first portion includes a first subset of 
attributes defined by a standards-based information model and said second portion 
includes a second subset of characteristics dependent on said vendor, wherein said second 
subset inherits said first subset of attributes. 

21. The method of claim 20 wherein said standards-based information model is a 
directory enabled network-next generation ("DEN-ng") information model 

22. The method of claim 18 wherein translating said input further includes identifying 
a subset of commands to configure each of said subset of network resources. 

23. The method of claim 15 wherein selecting said subset of network resources 
comprises: 

organizing physical and logical characteristics of each of said subset of network 
resources as a tuple; and 

using said tuple as a normalized representation for identifying network resources 
of said subset having similar physical and logical characteristics. 
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24. A computer-implemented method for provisioning a service using a network, the 
method comprising: 

modeling a number of network resources to represent knowledge information of 
each network resource of said number of network resources, said knowledge information 
including physical and logical characteristics associated with each said network resource 
of said number; and 

organizing said physical and logical characteristics as a tuple. 

25. The method of claim 24 wherein said physical and logical characteristics include 
vendor, type of device, product family, model of device, and operating system. 

26. The method of claim 24 further comprising identifying a subset of network 
resources to provide said service, wherein at least two of said subset of network resources 
are different devices. 

27. The method of claim 26 further comprising: 

modeling said service to represent relationships to the functions of said network 
resources; 

selecting said service via a user interface; and 

translating an object representing one of said different devices at a high-level of 
abstraction to another object representing said one of said different devices at a low-level 
of abstraction, 

wherein said relationships are modeled using an information model. 
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28. The method of claim 27 wherein said high-level of abstraction includes a first role 
and said low-level of abstraction includes a second role. 

29. The method of claim 28 wherein said first role is used to authorize deployment of 
said service and said second role is used to authorize configuration of said one of said 
different devices. 

30. The method of claim 27 wherein said low-level of abstraction is associated with a 
vendor-specific command. 

3 1 . The method of claim 30 wherein said command is chosen based on said tuple. 

32. The method of claim 24 wherein said knowledge information is represented by an 
XML Schema Definition ("XSD") data model. 
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